Fix ingress auth token injection, ttyd flags, and disable bonjour

This commit is contained in:
root
2026-01-29 17:59:42 +02:00
parent dc87859f00
commit cc81b9217a
+6 -2
View File
@@ -140,6 +140,9 @@ fi
# Write Clawdbot gateway config (JSON5) into the expected location. # Write Clawdbot gateway config (JSON5) into the expected location.
cat > /config/.clawdbot/clawdbot.json <<EOF cat > /config/.clawdbot/clawdbot.json <<EOF
{ {
# Disable wide-area discovery/bonjour announcements; HAOS networking can flap interfaces and crash ciao.
discovery: { wideArea: { enabled: false } },
gateway: { gateway: {
mode: "local", mode: "local",
bind: "${GW_BIND}", bind: "${GW_BIND}",
@@ -263,7 +266,8 @@ if [ "$ENABLE_TERMINAL" = "true" ]; then
# -W: allow clients to write (interactive) # -W: allow clients to write (interactive)
# -p: port # -p: port
# bind localhost only; exposed to HA via ingress reverse proxy # bind localhost only; exposed to HA via ingress reverse proxy
ttyd -W -i 127.0.0.1 -p 7681 bash & # ttyd is writable by default; use -R for read-only. (Some builds don't support -W)
ttyd -i 127.0.0.1 -p 7681 bash &
TTYD_PID=$! TTYD_PID=$!
else else
echo "Terminal disabled (enable_terminal=false)" echo "Terminal disabled (enable_terminal=false)"
@@ -273,7 +277,7 @@ fi
# Token is injected server-side; never put it in the browser URL. # Token is injected server-side; never put it in the browser URL.
# Render nginx config from template with the gateway token. # Render nginx config from template with the gateway token.
python3 - <<'PY' GW_TOKEN="$GW_TOKEN" python3 - <<'PY'
import os import os
from pathlib import Path from pathlib import Path